Sam's place

I might get technical or just downright strange

Monday, September 27, 2004

GDI+ JPEG viruses now in the wild

This is what you've all been waiting for, folks. There is now a virus that spreads inside JPEG files targetted towards vulnerableMicrosoft implementations. Yet another file format down the drain at email gateways across the world.

Everyone, please, go to Windows Update if you are using a Microsoft operating system, browser, or email software.

Links to this post:

Click here to become infected

It looks like spammers and virus writers are up to it again. We all know, of course, never to click on unsubscribe links. Well, here's one more reason not to. Some spammers are now seeding unsubscribe links with code designed to exploit unpatched vulnerabilities in Internet Explorer.

So, unless you want to risk your computer becoming part of the network of compromised hosts some spammers are using these days, do not EVER click on unsubscribe links.

Thunderbird Extension for Sender Policy Framework (SPF)

Something like this could be really useful if IMAP or POP3 had a method for reliably reproducing the SMTP envelope information on received email. It's too bad end-user applications end up having to muck around inside the RFC-822 Received: headers.

Links to this post:

Saturday, September 11, 2004

running XMMS instead of KsCD using magicdev

I don't have an analog audio cable attaching both of my CD drives to my sound card. I think I have one connected directly, but I'm not completely sure. When I drop a CD into a drive, it is hit-or-miss whether KsCD and other analog input CD players can output music.

XMMS, on the other hand, can perform digital extraction from uncabled CD drives. That, and it is a nicely unified player that I use for other audio formats anyways.

Mandrake 10.0, unfortunately, is configured to use KsCD by default when a new CD is put into a drive. This is just extra irritation, when all I want to do is listen to some music.

It looks like there are alot of people out there wanting to run XMMS when they load up a CD, but nobody has a good answer. I now have one, no thanks to magicdev's utter lack of documentation.

To get magicdev to load the CD in XMMS you can't just run gnome-cd-properties (which is "the" way to configure magicdev) and change the command to run /usr/bin/xmms when a music CD is inserted. This would be the simplest configuration change.

The reason you can't just edit the settings in gnome-cd-properties (or heaven-forbid, browse for a program using a nice picker) is because there is UI and no documented way to manipulate the parameters magicdev passes to executed programs. magicdev does seem to provide a special expression-passing language. However, in gnome-cd-properties, the only example of this is "%d", which passes the device name (eg, /dev/hdc).

This parameter format works great for programs that expect it, but XMMS just gets a segfault if it is passed a device (/dev/hdc) instead of a directory (/mnt/cdrom) or a file it understands. So we need to translate /dev/hd* into the appropriate mounted directory. /etc/fstab has the necessary information, we just need to parse it and pass it to XMMS.

There are two places this can be done. One is a per-user setting, the other place you can edit will change CD behavior system-wide, and can only be done as root.

If you can only change your own settings, or want to make changes on a per-user basis, run gnome-cd-properties. Set the command for audio CD's to "/usr/bin/xmms `awk '$1=="'%d'" {print $2}' /etc/fstab`" and click Exit.

If you want to make a system-wide change, open a console, su to root, then use your favourite editor to change the "launch kscd" line in /etc/dynamic/user-scripts/audio_cd.script to "launch xmms `awk '$1=="'$DEV'" {print $2}' /etc/fstab`". Save, and exit.

To test your changes, put a CD into the drive. XMMS should open with the CD's tracks in the playlist, and begin playing.

Links to this post:

Saturday, September 04, 2004

Well, it looks like Microsoft is up to it's old Caller-ID tricks with the child of Caller-ID and SPF. Sender ID was supposed to be the best of both standard proposals. It looks like Microsoft felt that a licence was "better" than no licence. I wonder what Meng Wong thinks of that.

Also, what is the IETF doing considering encumbered technologies for inclusion in any kind of "open" standard?